Security Compliance Hub

Optimising Your Compliance Journey

Security assessment tools to help your organisation meet regulatory compliance standards.

What is Security Compliance Hub?

170+ Questions
7 Frameworks
AI Analysis by Phronesis, your trusted security advisor
AI Policy Generator — 8 tailored security policies
Evidence Vault — per-question file storage with DLP & malware scanning
Integrations — connect your tools
68% of UK SMEs lack formal patch management policies
73% of organisations fail Access Control on first CE assessment
82% of breaches involve a human element — DORA addresses operational resilience
45% of organisations have no incident response plan (CAF Objective C)
Only 29% of firms are fully ISO 27001 compliant within 12 months
91% of cyber attacks start with a phishing email
Average CE certification takes 4–8 weeks with proper preparation
NIS2 affects 160,000+ entities across the EU
EU AI Act full compliance deadline: August 2026 for high-risk AI systems
Only 14% of organisations have a formal AI governance framework in place
7-Day Free Trial
Cyber Essentials Readiness Checker

Self-assess your organisation against all five Cyber Essentials v3.3 technical controls.

  • AI-powered analysis by Phronesis, your security advisor
  • Radar chart, heatmap, and PDF report
  • Supply chain vendor risk module
  • Share results via secure link
Deep-Dive Assessments
DORA Compliance Assessment

Evaluate your organisation against the EU Digital Operational Resilience Act for financial entities.

  • All 5 DORA pillars covered
  • 49 questions across Articles 5–45
  • Entity-specific regulatory guidance
  • Phronesis AI analysis & share via secure link
NCSC CAF Assessment

Evaluate your organisation against the NCSC Cyber Assessment Framework for operators of essential services.

  • All 14 CAF principles covered
  • IGP alignment and gap analysis
  • Attack surface discovery & breach exposure check
  • Phronesis AI analysis & board-level reporting
  • Share results via secure link
ISO 27001 ISMS Assessment

Evaluate your Information Security Management System against ISO 27001:2022 clauses and Annex A controls.

  • 8 sections covering Clauses 4–10 & Annex A
  • 58 questions mapped to ISO 27001:2022
  • Phronesis AI analysis & certification readiness
  • Share results via secure link
Unified Dashboard
Unified Compliance Dashboard

GRC-style cross-framework consolidation combining CAF, DORA, ISO 27001, NIS2 and NIST CSF 2.0 coverage in a single dashboard — without the enterprise GRC price tag or an implementation project.

  • NIST CSF 2.0 & NIS2 derived scoring from your existing CAF + DORA results
  • Unified gap analysis across every framework you run
  • Side-by-side radar charts & framework coverage bars
  • Board-ready PDF export & JSON download

Connect your tools & go agentic

Turn assessment gaps into actions automatically — create tickets, send alerts, push GRC evidence, enrich assessments with real scan data, and let Phronesis call live tools mid-analysis.

Integrations: Agentic Analysis by Phronesis, Jira, Slack, Teams, Vanta, Entra ID, Attack Surface, Vuln Management, ServiceNow + more
How Ready Are You?
Answer 3 quick questions to gauge your security posture — no login required.
Does your organisation enforce multi-factor authentication (MFA) for all admin accounts?
How frequently does your organisation apply security patches to critical systems?
Does your organisation have a documented incident response plan that is tested regularly?
Framework Comparison Matrix
See how security domains map across all five frameworks at a glance.

| Security Domain | Cyber Essentials | ISO 27001 | NCSC CAF | DORA | AI Governance |
|---|---|---|---|---|---|
| Access Control & Authentication | ✓ Control 4 | ✓ A.9 | ✓ B2 | ✓ Art. 9 | ~ D5 |
| Patch Management | ✓ Control 3 | ✓ A.12 | ✓ B3 | ~ Art. 7 | |
| Firewall & Network Security | ✓ Control 1 | ✓ A.13 | ✓ B4 | ~ Art. 9 | |
| Malware Protection | ✓ Control 5 | ✓ A.12 | ✓ B3 | ~ Art. 7 | |
| Secure Configuration | ✓ Control 2 | ✓ A.14 | ✓ B3 | ✓ Art. 9 | |
| Incident Response | | ✓ A.16 | ✓ C1, C2 | ✓ Art. 17 | ✓ D2 |
| Risk Management | | ✓ Cl. 6 | ✓ A1, A2 | ✓ Art. 6 | ✓ D2 |
| Supply Chain / Third-Party | ~ Optional | ✓ A.15 | ✓ A4 | ✓ Art. 28-30 | ✓ D2 |
| Business Continuity | | ✓ A.17 | ✓ D1, D2 | ✓ Art. 11-12 | |
| Governance & Awareness | | ✓ Cl. 5, A.7 | ✓ A1, B1 | ✓ Art. 5, 13 | ✓ D1 |
| AI Transparency & Fairness | | | | | ✓ D4 |
| Data Governance (AI) | | ~ A.8 | | | ✓ D3 |

Framework Relationships
[Interactive diagram. Nodes: CE (Foundation), ISO 27001, CAF (NCSC), DORA (EU Finance), AI Governance. Relationship labels: builds on, aligns with, maps to, overlaps, complements.]
Time-to-Certify Estimator
Get a rough timeline based on your organisation size and target framework.

Coverage Heatmap Preview
A preview of typical gap patterns across frameworks. Take the full assessment for your personalised heatmap.
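
| Domain | CE | ISO 27001 | CAF | DORA |
|---|---|---|---|---|
| Access Control | 85% | 78% | 62% | 58% |
| Patch Mgmt | 55% | 61% | 48% | 35% |
| Network Security | 72% | 65% | 59% | 52% |
| Incident Response | N/A | 54% | 38% | 32% |
| Risk Governance | N/A | 60% | 55% | 48% |
| Supply Chain | 30% | 45% | 38% | 52% |
| Continuity | N/A | 50% | 45% | 38% |
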
Legend: High (70%+), Medium (40–69%), Low (<40%), Not Covered